But those are small fries, not “the provider of games”
They have less to loose, then. That’s just as dangerous, if not more.
I’m a small fry too, would you run a binary I send you without any form of sandboxing?
we don’t run games as root
No, we typically run them with the same user that stores all our useful private data and that we typically type our passwords with.
Also, why are you OK with that level of sandboxing? don’t you want more “control”? You say containers are bad, but using user roles to protect parts of the system is ok? why are you not running all as root if you want “control”?
we are speaking about Wine, so what they see is limited to WINEPREFIX
Not really, by default you have access to other drives (Z:\ being /, the fs root), wine is not a perfect sandbox, it’s not designed for that… and if you actually did want it to become one (which ultimately would also lead to a need for memory separation to fight memory-leak attacks) then it would not be that different from what’s being pursued. You’d be essentially building the container in a custom version of wine shipped by Valve on Steam, it does not make any difference in terms of “control”.
But those are small fries, not “the provider of games”
WDYM?
They have less to loose, then. That’s just as dangerous, if not more.
I’m a small fry too, would you run a binary I send you without any form of sandboxing?
No, we typically run them with the same user that stores all our useful private data and that we typically type our passwords with.
Also, why are you OK with that level of sandboxing? don’t you want more “control”? You say containers are bad, but using user roles to protect parts of the system is ok? why are you not running all as root if you want “control”?
Not really, by default you have access to other drives (
Z:\being/, the fs root), wine is not a perfect sandbox, it’s not designed for that… and if you actually did want it to become one (which ultimately would also lead to a need for memory separation to fight memory-leak attacks) then it would not be that different from what’s being pursued. You’d be essentially building the container in a custom version of wine shipped by Valve on Steam, it does not make any difference in terms of “control”.